package com.itheima.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/security")
public class SecurityController {

    @RequestMapping("/add")
    @PreAuthorize("hasAuthority('add')")//拥有add权限可以访问
    public String add(){
        System.out.println("add...");
        return "add...";
    }


    @RequestMapping("/myAdmin")
    @PreAuthorize("hasRole('ROLE_ADMIN')")//拥有ROLE_ADMIN角色可以访问
    public String myAdmin(){
        System.out.println("myAdmin...");
        return "myAdmin...";
    }

    @RequestMapping("/no")
    public String no(){
        System.out.println("no...");
        return "no...";
    }
}
